ABSTRACT

A file security system of such a constitution that after 
plaintext has been enciphered by data encryption key 
means the encryption key means per se is stored or 
made freely transmissible in the state further enciphered 
by the encryption key maintained in secret and the 
information thus processed can be deciphered into 
plaintext information only by making good use of said 
encryption key means. 

6 Claims, 3 Drawing Sheets 
FILE SECURITY SYSTEM

BACKGROUND OF THE INVENTION 

1. Field of the Invention

The present invention relates to a file security system in which it has been made possible that enciphered data are stored in a storage medium and said data are deciphered only by the deciphering means specifically kept secret.

2. Prior Art 

Heretofore, in order to prevent information from being disguised or disclosed, the technique of keeping enciphered information in custody has been widely put to practical use not only for military but also for civilian purposes, and as an algorithm for the enciphering, for instance, Data Encryption Standard (DES) was published in the United States of America in 1977.

Accordingly, in the case where a writing (plaintext) which one can read and understand is to be enciphered as occasion demands, it has been devised in such a way that the plaintext is enciphered and written in an auxiliary storage means by driving the encryption unit through the user's application program by utilizing, for instance, the above-described Data Encryption Standard, and then the "key" composed of one kind of random number used in the above-described algorithm is utilized to achieve the deciphering. Thus, as the user, only the information whose enciphering is desired could be enciphered and deciphered.

Further, as one of the commercialized techniques of information transfer according to such DES there is known, for instance, the Bank of Japan Finance Network System.

The characteristic points in the above-described system are found in that in the case of data transmission, in order to prevent the surreptitious reading, disguise, or unjust input of the information the system is designed to encipher the information according to the above-described DES, and also in the case of data output, it is designed to prevent disguise of the information by making full use of the Message Authentication Code (MAC) which is unique character produced by enciphering techniques, thus ensuring the safety of information transmission as well as the proof of transaction.

Further, in the Credit and Finance Information System it is contemplated that the privacy of the user's information is strictly kept in such a way that by utilizing the terminal equipment the user's account number of sales telegram is enciphered and this information is communicated from the bank to the center of the above-described Credit and Finance Information System.

In the above-described techniques of keeping information secret, there have still remained the following problems to be solved.

In the first place, since the algorithm of the above-described Data Encryption Standard has now been prevailingly known, the users are taking pains to keep the above-described particular "key" secret for the maintenance of the privacy of information.

In the next place, with regard to, for instance, "the account number" or "the information retrievable by name" in the banking business the portion corresponding to the retrieving key cannot be enciphered as a matter of course, so that it is not possible in actuality to contemplate the enciphering of the whole information, rendering it inevitable to use the application program by particular programming.

Furthermore, in the case where as the storage medium for the information storage and transmission, use is made of the magneto-optical disk MOD which may also be called a floppy disk of an especially large capacity, it is convenient in that transportation is easy on account of its compactness, whereas there remain possibilities such that it can be readily carried away, misdelivered, and so on, and therefore, in the security management of information an original idea or a new device is found to be indispensable.

SUMMARY OF THE INVENTION 

The present invention provides a system which can solve the problems unsolved in the above-described prior art, that is, a file security system characterized in that as the means it comprises the first enciphering means which enciphers the plain-text information provided by the use of a data encryption key and the second enciphering means which is provided with an encryption key capable of enciphering said data encryption key, and while designing the system in such a way that the information enciphered by the above-described encryption key is stored in a magneto-optical floppy and this information is deciphered only by the above-described encryption key, it is further provided with the data processing means which enables operations of exclusive OR and substitution as well as chain means between the codes.

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 shows the whole aspect of the constitution of 
the system of the present invention, 

FIG. 2 is a block diagram showing the enciphering 
means in FIG. 1, 

FIG. 3 is a block diagram showing the deciphering 
means in FIG. 1, 

FIG. 4 is a flow chart showing the steps of procedure 
in the enciphering process, and 

FIG. 5 is a flow chart showing the steps of procedure 
in the deciphering process. 

DETAILED DESCRIPTION AND THE PREFERRED EMBODIMENT

In the present invention, in accordance with the above-described means for solving problems, the plaintext information requiring to be kept secret is preliminarily enciphered by the data encryption key means, and further, this data encryption key means per se is enciphered by the encryption key which is in a secret state acting as the master key and after having been stored or made freely transmissible, this information can be deciphered into the plaintext information only by utilizing said deciphering key means, so that it is contemplated that without being restricted by the application program held by the user the plaintext is enciphered in the stage of the final writing and deciphered in the stage of reading, and moreover, since in the enciphering and deciphering the use of the specific key is an indispensable condition, even in the information transmission system utilizing the magneto-optical floppy MOD, the privacy of the information can be safely ensured.

As explained with reference to an embodiment below, in the present invention, it is possible that valuable secret information is enciphered by data encryption key, and further this data encryption key can be recorded and transmitted in such a state that it is enciphered by the encryption key means which acts as the master key maintained in complete secret within a black box, so that only the person who keeps the encryption key having the master function can rightly write, rewrite and read out the information, and since, under the situation of mere enciphering operation the data encryption key remains unknown, the present invention can produce remarkable effects in that information can be completely prevented from leakage and disguise.

Also, since the operation of exclusive OR and substitution as well as the chain means between the codes were adopted in the enciphering process, the processing time could be shortened by a large margin, enabling high speed processing.

Next, with reference to the drawing showing an embodiment the present invention will be explained below in detail.

In the first place, by FIG. 1 the general outline of the system may be explained as follows.

That is to say, the system is the one designed in such a way that the plaintext information (X) provided by the terminal device 1 installed at the home-banking in the home or at the branch offices, or the like, of financial institutions such as banks, etc. is enciphered and stored in an empty floppy FA that is magneto-optical disk of a large capacity, and said floppy is deciphered and read out into the plaintext information (X) in the host device 2 which is in the mutually independent relation with each of the terminal devices. With reference to FIGS. 2 and 3 too, the function of the system will be explained in more detail below.

The terminal device 1 which the user utilizes for the enciphering process is in connection with, for instance, a personal computer as an operation instruction as well as plain text input unit 16, and within the interior thereof there are provided a drive unit 11 which can receive the empty floppy FA and drive it, a security input-output unit 12 which can encipher the plain-text information (X), and a control unit 13 which can freely control a terminal security unit 15. Each of these units 11-13 can be connected with the above-described terminal security unit 15 by line L1 through the terminal interface 14 for high speed communication use, but as the connection means it should preferably be in the form of connection widely usable for various purposes such as, for instance, RS 232C, SCSI, etc.

Further, the above-described terminal security unit 15 which functions as one kind of enciphering device is of the type of a black box, wherein there is enclosed a personal encryption key TK about which only the user knows that it has been designed in such a way that when the enclosure is opened, for instance, by an illegal reverse-engineering, or the like, the content is automatically extinguished. The encryption key per se has no function of directly enciphering the plaintext information (X), but instead fulfills the function of one kind of master key, i.e., it enciphers the data encryption key DEK, or, so to speak, it possesses the function which can further encipher the "key" on the algorithm enciphering the plaintext information (X).

On the other hand, as shown in FIG. 3, as the hardware for the deciphering process there is provided the host device 2 installed at the main office, or the like, of financial institutions, and within the interior thereof there are provided a drive unit 21 which can drive the floppy having the enciphered information stored, a deciphering unit 22, and a control unit 23 which controls the host security unit 25. These units 21-23 are also in connection with the above-described host security unit 25 through the host interface 24 for the high speed communication use, whereby the form of connection is due to the line L2 such as a connector widely used for various purposes (RS 232C) or SCSI as in the case of the terminal device 1.

Also with regard to the host security unit 25, it is, as in the case of the terminal security unit 15, of the type of a black box, wherein an encryption key TK the same as the above-described is housed for the deciphering into the plaintext information.

Further, as for the algorithm adopted in this system, in order to attempt the speed up of the processing a specific algorithm (LDES) is adopted with a background of the above-described standard DES.

That is to say, the main content of this specific algorithm (LDES) is in brief of the form such that it is intended to encipher every one single character (1 code) by making good use of the operations of exclusive OR (XOR) and substitution as well as the chain between the codes that are readily processed by the user's application program for the above-described security input-output unit 12. In accordance with this form even by means of the terminal equipment such as the standard general-use type personal computer, etc. high speed processing can be made within about 7 μs/code, and for instance, the time required for plaintext of 1024 bytes to be enciphered is in the order of about 15 ms, which remains within the limits of the tolerance of the user's program.

Next, with reference to FIGS. 4 and 5, the respective steps of enciphering and deciphering will be explained.

(1) Step of Enciphering

In the first place, in the case where plaintext information (X) is enciphered, an empty floppy FA that is a storage medium of a large capacity is beforehand provided for storing the information, and by application means not shown in the figure, security ID is written in this empty floppy FA, in which case, however, if the security ID is set to be, for instance, E_TK(DEK), then the E_TK(DEK) has to be input to said empty floppy FA as the security ID, so that the empty floppy FA in that state is charged in the drive unit 11 of the terminal device 1 and input to the plaintext information (X) security input-output unit 12 by the plaintext input unit 16 of a personal computer, or the like, that is the general-use plaintext input means.

In this security input-output unit 12, the control unit 13 is started in accordance with the application program provided therein, and through the interspatially provided terminal interface 14 the above-described security ID is transferred to the terminal security unit 15 to receive the data encryption key DEK, which is used therein for the intended enciphering, whereby the writing on the empty floppy is carried out as follows.

That is to say, in accordance with the program in the security input-output unit 12 the plaintext information (X) is enciphered by the data encryption key on the user side to give a cipher in the equation: E_TK(DEK) (1), and then, the data encryption key DEK is further enciphered by the above-described encryption key TK in the terminal security unit to convert it as shown by the equation: E_DEK(X) (2), and write it in the empty floppy FA in that form.

Thus, the information enciphered in the desired form in the empty floppy FA is stored in the form of the above-described equation (2) to give a cipher-stored floppy FB.

In addition, as a matter of course the data encryption key DEK as well as the encryption key TK is fully known to the user side, so that it is also needless to say that the system is constituted in such a manner that the plaintext information (X) can be checked for the confirmation of its accuracy by making good use of the CRT, etc. of the personal computer acting as the plaintext information input unit 16.

As described above, in the present example, the user gives instructions of writing and storing to the security input-output unit 12 by the program which he uses, with the intention of enciphering the information by the above-described processing, so that the data encryption key DEK on the user side may not be mentioned to be sufficient in the point of maintenance of secrecy, but as it is contemplated that the data encryption key DEK is enciphered by the encryption key TK possessed of the character as the master key stored within the black box, there is not a shred of uneasiness in keeping the whole system secret, and if unfortunately a leakage of the data encryption key DEK should occur, the safety of the present security system as a whole cannot be threatened in the least.

(2) Step of Deciphering 

Next, as to the deciphering, it is operated in such a way that the above-described cipher-stored floppy FB is charged in the drive unit 21 of the host device 2 so as to start the host device 2 by a personal computer, or the like, which acts as a plaintext output unit 26, whereby the control unit 23 is driven by the application program within the deciphering unit 22, so that the encryption key TK similar to the above-described one in the host security unit 25 is received by the deciphering unit 23 through the host interface 24, and then, the enciphered information of the above-described equation (2) is deciphered by the same operation as in the case of the enciphering and converted into plaintext information (X), whose content may be visualized by means of, for instance, the CRT of the personal computer, or the like, which acts as the plaintext output unit 26.

In addition, in the present example, explanation was given chiefly on the system wherein the magneto-optical floppy was adopted as the storage medium of a large capacity, but it is needless to say that even by the ordinary floppy disk, or other optical disks, or DAT, etc. the same file security system can be constituted, these being included in the other examples of the present invention.
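
The two-level key arrangement of the enciphering and deciphering steps above, as an added sketch that is not code from the patent: a per-file data encryption key DEK enciphers the plaintext X, the master key TK enciphers the DEK, and both results are stored on the medium. The byte-wise cipher is a constructed stand-in built from XOR, substitution and chaining (the patent does not specify LDES), and the function names, key sizes and sample values are assumptions.

```python
import hashlib
import secrets

def _sbox(key: bytes) -> list:
    # Key-dependent substitution table: a permutation of 0..255 (constructed here).
    return sorted(range(256), key=lambda i: hashlib.sha256(key + bytes([i])).digest())

def encipher(key: bytes, data: bytes) -> bytes:
    """One code (byte) at a time: XOR with key and previous code, then substitute."""
    sbox, prev, out = _sbox(key), 0, bytearray()
    for i, p in enumerate(data):
        prev = sbox[p ^ key[i % len(key)] ^ prev]   # chaining on the previous code
        out.append(prev)
    return bytes(out)

def decipher(key: bytes, data: bytes) -> bytes:
    """Inverse of encipher: undo the substitution, then the XOR and the chain."""
    inverse = [0] * 256
    for i, v in enumerate(_sbox(key)):
        inverse[v] = i
    prev, out = 0, bytearray()
    for i, c in enumerate(data):
        out.append(inverse[c] ^ key[i % len(key)] ^ prev)
        prev = c
    return bytes(out)

def write_medium(tk: bytes, x: bytes) -> dict:
    """Terminal side: what ends up on the cipher-stored floppy FB."""
    dek = secrets.token_bytes(16)               # fresh DEK per file (assumed size)
    return {"security_id": encipher(tk, dek),   # E_TK(DEK)
            "body": encipher(dek, x)}           # E_DEK(X)

def read_medium(tk: bytes, medium: dict) -> bytes:
    """Host side: recover the DEK with TK, then decipher the body."""
    dek = decipher(tk, medium["security_id"])
    return decipher(dek, medium["body"])

# Constructed sample values, not from the patent.
TK = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
X = b"ACCOUNT 0012345 TRANSFER 1000"
FB = write_medium(TK, X)

if __name__ == "__main__":
    print(read_medium(TK, FB))          # host holding TK recovers X
    print(read_medium(bytes(16), FB))   # wrong TK: unreadable bytes, no error raised
```

A stand-in like this carries no integrity check, so a wrong TK yields garbage rather than a detectable failure; current designs wrap the DEK with an authenticated scheme such as AES key wrap or an AEAD mode.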

What is claimed is: 

1. A file security system which comprises a terminal device and a host device;
said terminal device including:
a removable terminal key means including means for storing a personal encryption key, and destroying said personal encryption key when said terminal key means is opened,
first means for inputting plaintext information and writing corresponding enciphered information and an enciphered data encryption key on a storage device,
security input-output means for enciphering said plaintext information by using the data encryption key and for enciphering said data encryption key by using a personal encryption key,
terminal control means for controlling said first means and said security input-output means, and for outputting said personal encryption key to said terminal key, and
terminal interface means for connecting said first means, said security input-output means, said terminal control means and said terminal key;
said host device including:
a host key means including means for storing said personal encryption key,
second means for reading said corresponding enciphered information from said storage device and writing said plaintext information,
deciphering means for deciphering said enciphered data encryption key using said personal encryption key and deciphering said corresponding enciphered information using said deciphered data encryption key,
host control means for controlling said second means and said deciphering means, and for retrieving said personal encryption key, and
host interface means for connecting said second means, said deciphering means, said host control means and said host key;
wherein said terminal and host keys means contain said means for respectively connecting to said terminal and host interface means.

2. The file security system of claim 1, wherein said terminal and host keys are in the form of a box.

3. The file security system of claim 1, wherein said storage device of said first means includes a magneto-optical floppy for storing said enciphered information and said enciphered data encryption key.

4. The file security system of claim 1, wherein said terminal control means and said host control means include data processing means which enables operations of exclusive OR, substitution, and chaining between codes.

5. The file security system of claim 1, wherein said host key is removable from said host device in normal operation.

6. The file security system of claim 2, wherein said host key is removable from said host device in normal operation.